Poor identity, access and credential management is the biggest cybersecurity challenge for cloud computing, after the shift to remote working has redefined the workplace and changed priorities around the use of cloud applications and services, warns new research.
According to a survey of 700 industry experts on security issues in the cloud industry carried out by the Cloud Security Alliance, a not-for-profit that promotes best practices for cloud computing, insufficient identity, credential, access and key management for privileged accounts is a top concern around cloud cybersecurity.
The shift towards remote and hybrid working has changed how businesses and employees operate, no longer accessing office applications and productivity suites installed on their PCs at the office, but rather accessing the tools they need through software-as-a-service and cloud-based productivity suites – from any device, no matter where they are.
That shift means managing access to resources and files is vital, especially when administrator or other high-level privilege access is required. But organisations are struggling to achieve this, particularly as many end users are now situated outside the company firewalls and traditional protections.
The ability to access cloud tools with a username and password is proving highly beneficial for many workers and employers, but it's also providing cyber criminals with low-hanging fruit. If hackers can breach the username and password, they have the same access as the user – and with a legitimate account, which means suspicious activity might not be detected as promptly.
ZDNET SPECIAL FEATURE: SECURING THE CLOUD
But it isn't just cyber attackers from outside the company who can take advantage of misconfigured identity, access and credential management, if it isn't managed properly. It's also possible for these issues to be exploited by insider threats – employees who can exploit the lack of controls to escalate their access privileges and gain access to data they shouldn't be able to.
They could be doing this just because they can, taking it with them to a rival company, or putting it up for sale to cyber criminals to exploit.
While gaining access to login credentials for cloud accounts is an increasingly common technique used in cyberattacks, in some cases, the attacker doesn't need a username or a password at all, because data stored in the cloud is being left exposed and is accessible to anyone who knows where to look.
The report also warns against some other common cloud security flaws, including:
In order to improve identity and access management controls, the report recommends organisations implement a zero-trust model of cybersecurity, requiring validation at every stage of the user's journey through the cloud environment, preventing them from using one set of credentials to gain access to things they don't need to.
Users should also be required to avoid using weak passwords, so intruders can't use brute force attacks or guesswork to gain control of accounts. In addition, users should be equipped with multi-factor authentication to create an extra barrier against attacks.